haskell/yesod-auth-oauth2
1
0
Fork 0
mirror of https://github.com/freckle/yesod-auth-oauth2.git synced 2026-04-19 01:14:12 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add AzureAD provider

Browse Source
This commit is contained in:
Chris Beavers 2019-03-06 18:15:54 -06:00 committed by patrick brisbin
parent 276407071e
commit 208f497a5a
3 changed files with 56 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -1,6 +1,8 @@
## [*Unreleased*](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.0...master) ## [*Unreleased*](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.1.0...master)
- Test with GHC 8.6.3, and not 8.2 - Test with GHC 8.6.3, and not 8.2
- Added AzureAD provider
- COMPATIBILITY: Use `hoauth2-1.8.1`
## [v0.6.1.0](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.0.0...v0.6.1.0) ## [v0.6.1.0](https://github.com/thoughtbot/yesod-auth-oauth2/compare/v0.6.0.0...v0.6.1.0)

53
src/Yesod/Auth/OAuth2/AzureAD.hs Normal file
View File

@ -0,0 +1,53 @@
{-# LANGUAGE OverloadedStrings #-}
-- |
--
-- OAuth2 plugin for Azure AD.
--
-- * Authenticates against Azure AD
-- * Uses email as credentials identifier
--
module Yesod.Auth.OAuth2.AzureAD
( oauth2AzureAD
, oauth2AzureADScoped
) where
import Prelude
import Yesod.Auth.OAuth2.Prelude
newtype User = User Text
instance FromJSON User where
parseJSON = withObject "User" $ \o -> User
<$> o .: "mail"
pluginName :: Text
pluginName = "azuread"
defaultScopes :: [Text]
defaultScopes = ["openid", "profile"]
oauth2AzureAD :: YesodAuth m => Text -> Text -> AuthPlugin m
oauth2AzureAD = oauth2AzureADScoped defaultScopes
oauth2AzureADScoped :: YesodAuth m => [Text] -> Text -> Text -> AuthPlugin m
oauth2AzureADScoped scopes clientId clientSecret =
authOAuth2 pluginName oauth2 $ \manager token -> do
(User userId, userResponse) <-
authGetProfile pluginName manager token "https://graph.microsoft.com/v1.0/me"
pure Creds
{ credsPlugin = pluginName
, credsIdent = userId
, credsExtra = setExtra token userResponse
}
where
oauth2 = OAuth2
{ oauthClientId = clientId
, oauthClientSecret = clientSecret
, oauthOAuthorizeEndpoint = "https://login.windows.net/common/oauth2/authorize" `withQuery`
[ scopeParam "," scopes
, ("resource", "https://graph.microsoft.com")
]
, oauthAccessTokenEndpoint = "https://login.windows.net/common/oauth2/token"
, oauthCallback = Nothing
}

2
stack-lts-12.2.yaml
View File

@ -1,7 +1,7 @@
--- ---
resolver: lts-12.2 resolver: lts-12.2
extra-deps: extra-deps:
- hoauth2-1.7.2 - hoauth2-1.8.1
- uri-bytestring-aeson-0.1.0.6 - uri-bytestring-aeson-0.1.0.6
# needed so resourcet can get exceptions-0.10 even though hoauth dislikes it # needed so resourcet can get exceptions-0.10 even though hoauth dislikes it